Formulating and managing online identity and access control
A comprehensive collection of articles, videos and more, hand-picked by our editors
Regardless of your company's size, managing identity can be a huge undertaking that requires the efficient oversight of many moving parts. In this lesson, guest instructor Richard Mackey, principal with consultancy SystemExperts, helps you put together the pieces of an identity and access management architecture. Mackey explores the essentials of identity and access management, from the role of directories to effectively establishing approval workflows. You'll walk away with tips for tackling the five key challenges in managing identities and effective access control strategies.
Webcast: Demystifying identity management
Length: 60 minutes
This webcast serves as an excellent primer for security professionals overwhelmed by the daunting prospect of the complexities of identity management. Mackey begins with access management fundamentals, including the role directories play and where the authoritative source of identity information lies. Additionally, Mackey covers the intersection of identity management and compliance, and introduces emerging concepts such as how to begin federating identity between organizations.
Technical article: From the gateway to the application: Effective access control strategies
Organizations need to strike a balance between so-called front-door access control and more fine-grained controls within applications themselves. In this article, Mackey analyzes the differences between products designed to set access at the gateway and complementary application-level controls. Learn how gateway-based access control works, the value in managing authorization in a centralized manner and the access control functions left for the application to perform.
Podcast: Five key challenges in managing identities
Length: 10 minutes
Mackey introduces the concept of identity management and discusses five high-level security challenges ID management helps organizations solve, including provisioning/de-provisioning and centralization/decentralization. Mackey also reviews the challenges organizations are faced when solving these problems.
Take this five-question quiz to see how much you've learned about building an identity and access management architecture.
About the instructor
Richard Mackey, ISACA, CISM, is a principal with consultancy SystemExperts. He is regarded as one of the industry's foremost authorities on distributed computing infrastructure and security. Mackey has advised leading Wall Street firms on overall security architecture, virtual private networks, enterprise-wide authentication, and intrusion detection and analysis. He also has unmatched expertise in the OSF Distributed Computing Environment. Mackey is a frequent speaker at major conferences such as SearchSecurity.com's Information Security Decisions and has taught numerous tutorials on developing secure distributed applications.